Oracle has shipped 237 patches for vulnerabilities impacting hundreds of product versions as part of its latest quarterly critical patch update. Product lines coming in for some of the most fixes include Oracle Financial Services Applications, with 34, Fusion Middleware with 27, MySQL with 25 and Java SE with 21. In many cases, the vulnerabilities […]
Criminals behind the VenusLocker ransomware have switched to cryptocurrency mining in their latest campaign targeting computer users in South Korea. Instead of attempting to infect targeted computers with ransomware, the group is now trying to install malware on PCs that mines for Monero, an open-source cryptocurrency. The shift was spotted by FortiGuard Labs, which said […]
Spam campaigns delivering Zyklon HTTP malware are attempting to exploit three relatively new Microsoft Office vulnerabilities. The attacks are targeting telecommunications, insurance and financial service firms. According to FireEye researchers who identified the campaigns, attackers are attempting to harvest passwords and cryptocurrency wallet data along with recruiting targeted systems for possible future distributed denial of […]
Mobile and cloud computing have challenged the concept of perimeter security. There is no longer an easily definable perimeter to defend. VPNs are a traditional, but not ideal solution. Neither approach addresses the attacker who gets through the perimeter or into the VPN. Google long ago recognized the problems and introduced BeyondCorp as an alternative […]
Intel’s efforts to issue fixes for the Spectre and Meltdown CPU vulnerabilities are still hitting some bumps in the road, a company executive said in a blog post. “We have now issued firmware updates for 90 percent of Intel CPUs introduced in the past five years, but we have more work to do,” said Navin […]
The update will address a flaw software developer Abraham Masri publicly identified in a tweet earlier this week, according to multiple published reports. The flaw causes the iMessage app on iOS devices to freeze, crash or restart. Macs are also affected. A macOS High Sierra 10.13.3 update is expected later this month to fix the […]
A vulnerability has emerged that allows hackers to automatically download malware to a victim’s computer directly from a Google Drive URL. Proofpoint uncovered the vulnerability and created a proof-of-concept exploit for the issue, which exists in the Google Apps Script. The development platform is based on JavaScript and allows the creation of both standalone web […]
2017 has been a tough year from a cybersecurity stand point. We’ve seen some of the biggest hacks and data breaches ever, as well as one of the most devastating ransomware/malware outbreaks on record. Despite all of this – I’m going to make a statement that will shock many in the industry – cybersecurity is […]
In May 2018, the General Data Protection Regulation (GDPR) comes into force. GDPR toughens rules around obtaining consent to process data; it forces companies to tell consumers whenever a serious breach occurs; it sets much more stringent standards for data protection; and it means that companies can be forced to stop collecting or processing data, […]
Canonical was forced to release a second round of Ubuntu updates that address the recently disclosed CPU vulnerabilities after some users complained that their systems no longer booted after installing the initial patches. On January 9, Canonical released Ubuntu updates designed to mitigate Spectre and Meltdown, two recently disclosed attack methods that work against processors […]
